Wireless eavesdropping

Wireless networks are insecure by default until administrators add security controls. This is due to their very nature—they use radio transmissions that may be intercepted by anyone with an antenna. In this video, learn about wireless eavesdropping attacks, such as those waged on WEP.

- [Instructor] Wireless networks are insecure by default until administrators add security controls. This is due to the very nature of wireless networks. They use radio transmissions that may be intercepted by anyone with an antenna. Security professionals use encryption to protect the confidentiality of information sent over wireless networks. Let's take a look at attacks that allow eavesdroppers to defeat wireless network security. Wireless networks are everywhere. They use a standard technology called wireless fidelity, or as most of us know it, wifi.

The Institute of Electrical and Electronics Engineers is responsible for telling the world how to make wifi work, and they do so in a standard document called 802.11. For this reason, you'll sometimes hear the term 802.11 network thrown around in technical circles. When people say this, they're simply talking about wifi. One of the features of wifi is that networks advertise their presence. That's how you know a wifi network exists when you walk into a coffee shop or airport. Every wifi network has a short name, known as its Service Set Identifier or SSID.

That's often something like Free Wifi Guest or other names that pop up on your phone frequently. Wireless networks use a technique known as beaconing to tell nearby devices that they are available for connection. Beaconing, while common, is optional. Networks that don't want to advertise their presence can disable beaconing. Users who know that the network is there can configure it manually. Wifi is a huge convenience for users, but it also introduces security concerns that didn't exist on wired networks.

When I'm plugged into a network jack on the wall, eavesdropping on that connection requires either physically tapping the cable, or compromising a network device. Wifi, on the other hand, uses radio signals that anyone can pluck out of the air with some very basic equipment and an antenna. This makes encryption critical for protecting the security of wireless networks. Encryption hides the true content of network traffic from those who do not have the encryption key. It takes an insecure communications technology, radio waves, and makes it secure.

You have four options when it comes to wireless encryption. Two of them are bad. Using no encryption at all and sending messages in the clear open to anyone certainly isn't a good idea. You also don't want to use a technology known as Wired Equivalent Privacy or WEP. WEP uses very weak encryption that is easy to hack. We'll talk more about that in a moment. Two wireless encryption options are much better. Wi-Fi Protected Access, WPA, uses the Temporal Key Integrity Protocol, TKIP, to add security that WEP doesn't have.

TKIP changes the encryption key for each packet, preventing an attacker from discovering the key after monitoring the network for a long period of time. Security researchers have demonstrated some theoretical attacks against WPA, but it is still widely used and considered safe. We'll talk more about WPA attacks in the next video. The current best practice for wifi security is using WPA version 2. WPA2 uses an encryption protocol that is based upon the Advanced Encryption Standard or AES.

This protocol has a really long name, Counter Mode Cipher Block Chaining Message Authentication Code Protocol. Fortunately, you just need to know it as CCMP. So how might an attacker take advantage of WEP? When you set up a new WEP connection, the computer and access point exchange an Initialization Vector, or IV, that helps get the connection established. This IV is sent without encryption, because it is used to create the encrypted channel. If an attacker captures enough different Initialization Vectors, he or she can reconstruct the encryption key.

Fortunately, you don't need to know the mathematical details behind how this attack works, because they're pretty complicated. But it is important as you prepare for the Security Plus Exam that you know that WEP attacks rely upon capturing Initialization Vectors. As we discussed, WEP encryption is false advertising. The term wired equivalent privacy is a misnomer. Software utilities make it incredibly easy to crack WEP encryption, so administrators should choose the secured WPA2 alternative.
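An added example, not part of the course or its transcript: a small audit helper that reads the body of a beacon frame and sorts the network into the four options described above (open, WEP, WPA, WPA2), so administrators can spot networks still advertising WEP or no encryption. The function names and sample beacons are constructed for illustration; the element IDs (0 for SSID, 48 for RSN, 221 for the WPA vendor element) and the Privacy capability bit follow the 802.11 frame layout.

```python
import struct

PRIVACY = 0x0010                        # capability bit: data frames are encrypted
WPA_IE = bytes.fromhex("0050f201")      # vendor element prefix that marks WPA
RSN_CIPHERS = {2: "TKIP", 4: "CCMP"}    # 00-0F-AC cipher suite types

def elements(body):
    """Yield (id, data) for each tagged element after the 12 fixed bytes."""
    pos = 12
    while pos + 2 <= len(body):
        eid, length = body[pos], body[pos + 1]
        data = body[pos + 2:pos + 2 + length]
        if len(data) < length:          # truncated element: stop parsing
            return
        yield eid, data
        pos += 2 + length

def rsn_pairwise(data):
    """Pairwise cipher names from an RSN element: version, group, count, list."""
    if len(data) < 8:
        return []
    count = struct.unpack_from("<H", data, 6)[0]
    suites = [data[8 + 4 * i:12 + 4 * i] for i in range(count)]
    return [RSN_CIPHERS.get(s[3], "other") for s in suites if len(s) == 4]

def classify(body):
    """Return (ssid, protection) for one beacon frame body."""
    capability = struct.unpack_from("<H", body, 10)[0]   # after timestamp, interval
    ssid, rsn, wpa = "", None, False
    for eid, data in elements(body):
        if eid == 0:                    # SSID element
            ssid = data.decode("utf-8", "replace")
        elif eid == 48:                 # RSN element, advertised by WPA2 networks
            rsn = rsn_pairwise(data)
        elif eid == 221 and data.startswith(WPA_IE):
            wpa = True
    if rsn is not None:
        return ssid, "WPA2 " + "/".join(rsn)
    if wpa:
        return ssid, "WPA"
    return ssid, "WEP" if capability & PRIVACY else "open"

def beacon(ssid, capability, *ies):     # builds the constructed samples below
    tagged = b"".join(bytes([i, len(d)]) + d for i, d in ((0, ssid.encode()),) + ies)
    return bytes(8) + struct.pack("<HH", 100, capability) + tagged

RSN_CCMP = bytes.fromhex("0100" "000fac04" "0100" "000fac04" "0100" "000fac02" "0000")
SAMPLES = [beacon("Free Wifi Guest", 0x0401), beacon("legacy-lab", 0x0411),
           beacon("office", 0x0411, (48, RSN_CCMP))]
print([classify(s) for s in SAMPLES])
```

A network that sets the Privacy bit but advertises neither an RSN nor a WPA element is using WEP, which is the case an audit should flag for migration to WPA2.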

Released: 10/6/2017

The CompTIA Security+ exam is an excellent entry point for a career in information security. The latest version, SY0-501, expands coverage of cloud security, virtualization, and mobile security. This course prepares exam candidates for the critical Threats, Attacks, and Vulnerabilities domain of the exam. By learning about malware, networking and application security exploitations, and social engineering, you'll be prepared to answer questions from the exam—and strengthen your own organization's systems and defenses. Author Mike Chapple, an IT leader with over 15 years of experience, also covers the processes for discovering and mitigating threats and attacks, and conducting penetration testing and scanning for vulnerabilities. Visit certmike.com to join one of his free study groups.